OK - I may need to ask a different question. let me give some more particulars and some additional information. after messing with things a bunch, i figured out I was not advertising tls properly nor was i advertising auth properly (telneting in and not seeing auth and not seeing starttls). i got that rectified, i think. this seemed to manifest itself only on cell networks - even using a pc on a cell phone hot spot! - and at least one wifi network (datacenter) that I know of. if i connected that same pc to my home or work wifi it would work fine, the same applies to the actual cell phones as well, they worked fine on my home or work wifi. also all other connections work fine from other locations, just a client was in the same condition by working at home on his wifi from his cell but not when out and about on the cell network which prompted me to set up my own to reproduce the issue. i still get an error on the server even though the email goes through: 2018-03-10 00:01:08 plain_login_exim4u authenticator failed for 162-238-133-48.lightspeed.sndgca.sbcglobal.net ([192.168.1.85]) [162.238.133.48]:44056 I=[10.10.0.150]:587: 535 Incorrect authentication data any ideas here? maybe i need to set up more auth types? below is what i had typed up to send following my initial email this evening: I had a user on the T-mobile cell network get all outgoing smtp emails rejected. The message in the server is "relay not permitted". The reason I thought it might be aDNSBL is that the IP trying to connect with that smtp session is listed in the Zen DNSBL. However, it seems I have all DNSBL entries commected out in exim4u_local_conf.inc. I also dug around in the exim.conf and the message for a DNSBL reject is "Spammer rejected. DNSBL listed at $dnslist_domain at $dnslist_text. Ratelimit inc remented.". When I searched for the reject message "relay not permitted" I find it in this section: # If control reaches this point, the domain is neither in +local_domains # nor in +relay_to_domains. # Reaching the end of the ACL causes a "deny", but we might as well give # an explicit message. deny message = relay not permitted I see authenticated users is accepted above this in the acl's, so I am not sure why the message would get this far without being accepted. ------ Original Message ------ From: "Helmut Fritz" <helmut(a)fritz.us.com> To: users(a)exim4u.org Sent: 3/9/2018 8:47:57 PM Subject: [Exim4U] DNSBL question I hope everyone is well, it has been a long while. I am wondering if others use DNSBL and what they might do about random ip addresses that show up on the Zen DNSBL such as cell phone provider IP's that get used for people to send email from their cell phones? I have run into it twice now, once with ATT and again with T-mobile. Also, how to ensure that DNSBL lookups are turned off? And what provides the functionality? I think it is exim directly, and within the acl's? or does exim4U do it a bit differently? Thx for any and all info/answers. Helmut